Security Response to CAN-2004-0885: Audit Warns of Possible mod_proxy Vulnerability (1555)
A security software audit warns that an ESX Server machine may have the security vulnerability described at:
How can I protect the server? Does VMware have a fix for this?
ESX Server 2.5 updates the mod_ssl library to Version 2.8.20 so that CAN-2004-0885 should not be identified as a vulnerability by a standard security scan. VMware also provides the same update to mod_ssl for ESX 2.1.x, 2.0.x and 1.5.2 in the following security updates: